Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/cjTq6ujUc5RaAqw-KYAtYxLmbVE.roa
File: cjTq6ujUc5RaAqw-KYAtYxLmbVE.roa (raw, json)
Hash identifier: cAmwQejC8aT+W9BdNyugd2iirAo3Kajyh3K7B6QeiPg=
Subject key identifier: 72:34:EA:EA:E8:D4:73:94:5A:02:AC:3E:29:80:2D:63:12:E6:6D:51
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 5D7D92
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/cjTq6ujUc5RaAqw-KYAtYxLmbVE.roa
Signing time: Fri 01 Jul 2022 04:19:58 +0000
ROA not before: Fri 01 Jul 2022 04:19:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142418
IP address blocks: 2a12:f8c0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6126994 (0x5d7d92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jul 1 04:19:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7234eaeae8d473945a02ac3e29802d6312e66d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4a:ba:cd:10:aa:e7:ef:bc:2f:ab:d2:bd:56:
67:87:4c:6a:63:f9:59:49:f2:a9:c8:1c:58:89:10:
3c:8c:be:9a:ad:b9:ba:5a:24:2f:e9:40:f6:3a:dd:
ca:71:e3:33:da:fa:a4:aa:14:26:82:97:43:57:e6:
f6:25:79:22:90:38:0a:e1:c1:c6:23:8b:3d:14:25:
ee:a0:8f:bc:99:12:3c:a9:16:bf:46:cd:34:46:34:
e6:eb:b3:93:19:1a:11:71:26:42:e3:0f:7d:a8:e2:
c0:12:72:fd:5e:0b:3f:1d:2d:a3:7f:73:b6:00:aa:
99:00:e2:55:3e:06:1e:d6:6c:0e:eb:64:d8:06:04:
67:da:b3:00:10:8a:fa:55:1d:c7:a8:d7:31:59:3e:
ae:ca:3c:91:a2:41:ff:e7:bc:73:c5:ca:4f:8c:d5:
eb:c5:5e:8c:d7:f5:52:44:98:be:25:85:37:71:ae:
03:4a:ca:2d:22:e9:42:22:44:15:53:6c:2b:24:b3:
70:ce:1e:69:6c:f5:1d:3e:2a:a9:36:65:59:76:cb:
2e:cb:a5:c7:04:22:61:67:bc:30:a6:2f:c1:77:48:
20:ad:76:eb:b1:b3:d6:70:89:c4:9f:8c:63:68:1c:
16:fc:8b:77:12:7a:20:64:33:70:b6:6c:fd:1c:43:
6b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:34:EA:EA:E8:D4:73:94:5A:02:AC:3E:29:80:2D:63:12:E6:6D:51
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/cjTq6ujUc5RaAqw-KYAtYxLmbVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:b6:7f:59:3c:dc:34:d9:c8:30:cf:c9:58:11:0f:01:ac:85:
bd:02:86:e7:e2:a6:77:6a:44:76:92:bf:ab:dd:d5:02:d6:ee:
0e:91:06:00:e0:4c:be:9d:88:1a:52:89:f6:de:42:a6:69:8b:
f7:65:a9:7d:50:48:86:98:cc:a1:a9:6c:4d:e6:62:c1:20:48:
d9:31:48:e4:dc:ae:d5:3d:b6:36:b4:ad:4b:2f:83:c0:ad:8d:
2c:81:d9:fa:a5:74:b4:10:9a:ce:9f:d3:a8:89:17:d7:12:56:
03:bf:7e:d9:c2:86:fe:1f:bd:bc:bd:c4:df:77:db:31:61:9d:
a2:e3:53:d4:28:7b:3f:88:f4:f3:dc:65:c4:43:54:ed:b7:93:
c6:58:dd:db:ab:e2:ce:09:db:a6:8d:f8:fd:8d:a0:99:5e:66:
cb:6d:df:1c:7b:20:4d:bd:c0:ad:66:ee:0d:08:67:d7:42:62:
42:75:3d:f4:46:df:77:25:66:c6:3a:dd:b5:cf:00:22:09:14:
90:3d:93:e3:86:e8:a8:7f:cd:08:31:01:c1:90:50:16:05:38:
b0:45:e2:bc:ef:32:ab:18:75:18:46:b8:8f:e8:28:0b:7c:d4:
be:34:b8:63:19:b2:93:2f:02:12:83:a3:8f:02:ac:7b:bc:b9:
17:d2:c0:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDXX2SMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
N2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQxZDM1N2UwHhcNMjIwNzAx
MDQxOTU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MjM0ZWFlYWU4ZDQ3
Mzk0NWEwMmFjM2UyOTgwMmQ2MzEyZTY2ZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo0q6zRCq5++8L6vSvVZnh0xqY/lZSfKpyBxYiRA8jL6arbm6
WiQv6UD2Ot3KceMz2vqkqhQmgpdDV+b2JXkikDgK4cHGI4s9FCXuoI+8mRI8qRa/
Rs00RjTm67OTGRoRcSZC4w99qOLAEnL9Xgs/HS2jf3O2AKqZAOJVPgYe1mwO62TY
BgRn2rMAEIr6VR3HqNcxWT6uyjyRokH/57xzxcpPjNXrxV6M1/VSRJi+JYU3ca4D
SsotIulCIkQVU2wrJLNwzh5pbPUdPiqpNmVZdssuy6XHBCJhZ7wwpi/Bd0ggrXbr
sbPWcInEn4xjaBwW/It3EnogZDNwtmz9HENrswIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFHI06uro1HOUWgKsPimALWMS5m1RMB8GA1UdIwQYMBaAFLB6uSJWXis+LMY9
SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEv
Y2pUcTZ1alVjNVJhQXF3LUtZQXRZeExtYlZFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82
ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEvc0hxNUlsWmVLejRz
eGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhL4wDANBgkqhkiG9w0BAQsFAAOC
AQEAe7Z/WTzcNNnIMM/JWBEPAayFvQKG5+Kmd2pEdpK/q93VAtbuDpEGAOBMvp2I
GlKJ9t5CpmmL92WpfVBIhpjMoalsTeZiwSBI2TFI5Nyu1T22NrStSy+DwK2NLIHZ
+qV0tBCazp/TqIkX1xJWA79+2cKG/h+9vL3E33fbMWGdouNT1Ch7P4j089xlxENU
7beTxljd26vizgnbpo34/Y2gmV5my23fHHsgTb3ArWbuDQhn10JiQnU99EbfdyVm
xjrdtc8AIgkUkD2T44boqH/NCDEBwZBQFgU4sEXivO8yqxh1GEa4j+goC3zUvjS4
Yxmyky8CEoOjjwKse7y5F9LA+Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:29 2025 by rpki-client